CVE-2020-5609 - Vulnerability Details

Vendors	Products
Yokogawa	B\/m9000cs B\/m9000cs Firmware B\/m9000vp B\/m9000vp Firmware Centum Cs 3000 Centum Cs 3000 Firmware Centum Vp Centum Vp Firmware

Link	Providers
https://jvn.jp/vu/JVNVU97997181/index.html
https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "CAMS for HIS", "vendor": "Yokogawa Electric Corporation", "versions": [{"status": "affected", "version": "CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "Directory traversal", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-05T13:12:59", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://jvn.jp/vu/JVNVU97997181/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2020-5609", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CAMS for HIS", "version": {"version_data": [{"version_value": "CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01"}]}}]}, "vendor_name": "Yokogawa Electric Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Directory traversal"}]}]}, "references": {"reference_data": [{"name": "https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf", "refsource": "MISC", "url": "https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf"}, {"name": "https://jvn.jp/vu/JVNVU97997181/index.html", "refsource": "MISC", "url": "https://jvn.jp/vu/JVNVU97997181/index.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T08:30:24.580Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jvn.jp/vu/JVNVU97997181/index.html"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2020-5609", "datePublished": "2020-08-05T13:12:59", "dateReserved": "2020-01-06T00:00:00", "dateUpdated": "2024-08-04T08:30:24.580Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : CAMS for HIS (string)

vendor : Yokogawa Electric Corporation (string)

versions : [ »

0 : { »

status : affected (string)

version : CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Directory traversal (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-08-05T13:12:59 (string)

orgId : ede6fdc4-6654-4307-a26d-3331c018e2ce (string)

shortName : jpcert (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://jvn.jp/vu/JVNVU97997181/index.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : vultures@jpcert.or.jp (string)

ID : CVE-2020-5609 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : CAMS for HIS (string)

version : { »

version_data : [ »

0 : { »

version_value : CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 (string)

}

]

}

]

}

vendor_name : Yokogawa Electric Corporation (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Directory traversal (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf (string)

refsource : MISC (string)

url : https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf (string)

}

1 : { »

name : https://jvn.jp/vu/JVNVU97997181/index.html (string)

refsource : MISC (string)

url : https://jvn.jp/vu/JVNVU97997181/index.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T08:30:24.580Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://jvn.jp/vu/JVNVU97997181/index.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : ede6fdc4-6654-4307-a26d-3331c018e2ce (string)

assignerShortName : jpcert (string)

cveId : CVE-2020-5609 (string)

datePublished : 2020-08-05T13:12:59 (string)

dateReserved : 2020-01-06T00:00:00 (string)

dateUpdated : 2024-08-04T08:30:24.580Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CB5C1D3-A410-478C-AEBC-7A85A30B39BC", "versionEndIncluding": "r3.09.50", "versionStartIncluding": "r3.08.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0D63842-D6A8-4FA1-B09C-71E9113FF95A", "versionEndIncluding": "r4.03.00", "versionStartIncluding": "r4.01.00", "vulnerable": true}, {"criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D647BA49-5A43-437B-8C58-0294A452AF8D", "versionEndIncluding": "r5.04.20", "versionStartIncluding": "r5.01.00", "vulnerable": true}, {"criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "041D122C-CAFD-4AA5-A45B-A51E2F024D67", "versionEndIncluding": "r6.07.00", "versionStartIncluding": "r6.01.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*", "matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3131E58F-D32D-4FDC-AAD1-DE7BBAC10659", "versionEndIncluding": "r5.05.01", "versionStartIncluding": "r5.04.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6C0600F-87E0-4CE5-ACB9-49F160DB3D33", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:yokogawa:b\\/m9000vp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9458CCD1-1820-4395-95CD-AEAC589DA4B2", "versionEndIncluding": "r8.03.01", "versionStartIncluding": "r6.01.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:yokogawa:b\\/m9000vp:-:*:*:*:*:*:*:*", "matchCriteriaId": "86DDD4A8-FE34-4446-A0C2-4E282F881068", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors."}, {"lang": "es", "value": "Una vulnerabilidad salto de directorio en CAMS para HIS CENTUM CS 3000 (incluye CENTUM CS 3000 Small) versiones R3.08.10 hasta R3.09.50, CENTUM VP (incluye CENTUM VP Small, Basic) versiones R4.01.00 hasta R6.07.00, B/M9000CS versiones R5.04.01 hasta R5.05.01 y B/M9000 VP versiones R6.01.01 hasta R8.03.01, permiten a un atacante remoto no autenticado crear o sobrescribir archivos arbitrarios y ejecutar comandos arbitrarios por medio de vectores no especificados"}], "id": "CVE-2020-5609", "lastModified": "2024-11-21T05:34:21.410", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-05T14:15:13.187", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU97997181/index.html"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU97997181/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CB5C1D3-A410-478C-AEBC-7A85A30B39BC (string)

versionEndIncluding : r3.09.50 (string)

versionStartIncluding : r3.08.10 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D0D63842-D6A8-4FA1-B09C-71E9113FF95A (string)

versionEndIncluding : r4.03.00 (string)

versionStartIncluding : r4.01.00 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D647BA49-5A43-437B-8C58-0294A452AF8D (string)

versionEndIncluding : r5.04.20 (string)

versionStartIncluding : r5.01.00 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 041D122C-CAFD-4AA5-A45B-A51E2F024D67 (string)

versionEndIncluding : r6.07.00 (string)

versionStartIncluding : r6.01.00 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 161A4767-228C-4681-9D20-81D9380CE48A (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:yokogawa:b\/m9000cs_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3131E58F-D32D-4FDC-AAD1-DE7BBAC10659 (string)

versionEndIncluding : r5.05.01 (string)

versionStartIncluding : r5.04.01 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:yokogawa:b\/m9000cs:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A6C0600F-87E0-4CE5-ACB9-49F160DB3D33 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:yokogawa:b\/m9000vp_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9458CCD1-1820-4395-95CD-AEAC589DA4B2 (string)

versionEndIncluding : r8.03.01 (string)

versionStartIncluding : r6.01.01 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:yokogawa:b\/m9000vp:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 86DDD4A8-FE34-4446-A0C2-4E282F881068 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad salto de directorio en CAMS para HIS CENTUM CS 3000 (incluye CENTUM CS 3000 Small) versiones R3.08.10 hasta R3.09.50, CENTUM VP (incluye CENTUM VP Small, Basic) versiones R4.01.00 hasta R6.07.00, B/M9000CS versiones R5.04.01 hasta R5.05.01 y B/M9000 VP versiones R6.01.01 hasta R8.03.01, permiten a un atacante remoto no autenticado crear o sobrescribir archivos arbitrarios y ejecutar comandos arbitrarios por medio de vectores no especificados (string)

}

]

id : CVE-2020-5609 (string)

lastModified : 2024-11-21T05:34:21.410 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 7.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-08-05T14:15:13.187 (string)

references : [ »

0 : { »

source : vultures@jpcert.or.jp (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://jvn.jp/vu/JVNVU97997181/index.html (string)

}

1 : { »

source : vultures@jpcert.or.jp (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://jvn.jp/vu/JVNVU97997181/index.html (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdf (string)

}

]

sourceIdentifier : vultures@jpcert.or.jp (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-22 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object